Search Engines utilized to find site holes: The Register

Navigation

User login

GWT in Practice at Manning
GWT in Practice at Amazon
GWT Resources

Unlocking Android at Manning
Unlocking Android at Amazon
Android Resources

Quote

Albert Einstein

I know not with what weapons World War III will be fought, but World War IV will be fought with sticks and stones.

Search Engines utilized to find site holes: The Register

Sat, 06/03/2000 - 09:44 — charlie.collins

A new and rather ingenious method of hacking websites has recently been highly publicized. Using search engines to find passwords and admin pages. This is brilliant for its pure simplicity. Over and over and over people are warned NOT to store passwords in web pages (inside javascript is an all to prevalent method) and over and over and over they DO it anyway!

Access to many site administrative and critical functions are all too often hidden behind a "secret" password that is in clear text on some non-linked page. This is NOT security, this is silly. You would be amazed at the number of sites that employ this (and most webmasters and developers know better, yet they do it anyway, its the easy way.) This and or leaving the passwords to certain components at the default are common yet unneccessary exploits.

Check out the linked Register story, you can learn firsthand how to use some advanced portions of search engines to find things like "password==" or "admin", etc. Be aware of the issue and be smart enough not to give away your passwords. Searching for site holes: The Register

Security

Screaming Penguin - Source Does Matter

Navigation

User login

Quote

Search Engines utilized to find site holes: The Register

TotSP Search

Community

Chatter

Popular content

Today's:

All time:

Last viewed: